Closed Bug 1852738 Opened 1 year ago Closed 10 months ago

Reset noise seed when user clears site data

Categories

(Core :: Privacy: Anti-Tracking, enhancement)

Product:
Core
Component:
Privacy: Anti-Tracking
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
124 Branch
Tracking Flags:
Tracking Status
firefox124 --- fixed

People

(Reporter: pbz, Assigned: timhuang)

References

(Blocks 1 open bug)

Details

(Whiteboard: [fpp:m6])

Attachments

(4 files)

Bug 1852738 - Part 1: Use a hash map keyed by originAttributes to store browsing session keys. r?tjr
48 bytes, text/x-phabricator-request
Details | Review
Bug 1852738 - Part 2: Implement fingerprinting random key clean up functions. r?tjr!
48 bytes, text/x-phabricator-request
Details | Review
Bug 1852738 - Part 3: Add a FingerprintingProtectionState cleaner. r?pbz!
48 bytes, text/x-phabricator-request
Details | Review
Bug 1852738 - Part 4: Add tests. r?tjr!,pbz!
48 bytes, text/x-phabricator-request
Details | Review

When a user clears data for a site mid session it's important to reset the random noise seed as well so the site can't re-identify them.

Whiteboard: [fpp:m6]
Assignee: nobody → tihuang

The patch introduces a hash map to replace the existing normal and
private browsing session keys. The hash map is keyed by
OriginAttributes, so it can support the existing use cases and further
expends to other originAttributes cases, such as userContextId. To
support per-site keying, we rely on the partitionKey to separate keys
across different top-level sites.

We also change the way how we clear keys, it now uses
OriginAttributesPattern to clear keys.

This patch implements a FingerprintingProtectionState cleaner that calls
the clear functions to reset fingerprinting random key.

Depends on D196301

The patch adds a test function to nsIRFPService.idl for generating
fingerprinting randomization key for the given channel. It also adds
tests for ensuring the ClearDataService properly clears the random key.

Depends on D196302

The following patches are waiting for review from an inactive reviewer:

ID Title Author Reviewer Status
D196302 Bug 1852738 - Part 3: Add a FingerprintingProtectionState cleaner. r?pbz! timhuang pbz: Back Jan 2, 2024
D196303 Bug 1852738 - Part 4: Add tests. r?tjr!,pbz! timhuang pbz: Back Jan 2, 2024

:timhuang, could you please find another reviewer?

For more information, please visit BugBot documentation.

Flags: needinfo?(tihuang)
Flags: needinfo?(tihuang)
Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/4424d9358917 Part 1: Use a hash map keyed by originAttributes to store browsing session keys. r=tjr https://hg.mozilla.org/integration/autoland/rev/32d7dafd4cff Part 2: Implement fingerprinting random key clean up functions. r=tjr https://hg.mozilla.org/integration/autoland/rev/891c7efe66ce Part 3: Add a FingerprintingProtectionState cleaner. r=pbz,geckoview-reviewers,owlish https://hg.mozilla.org/integration/autoland/rev/fed5165a02c0 Part 4: Add tests. r=tjr,pbz
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: